5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.072 Low
EPSS
Percentile
94.0%
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows
remote attackers to cause a denial of service (CPU exhaustion by recursion)
via a glob pattern with a large number of * (wildcard) characters, as
demonstrated using the dir command.